The increasing prevalence of cyberattacks targeting businesses and government agencies is highlighting the growing role of artificial intelligence (AI) in both offensive and defensive strategies. Sinan Selen, the soon-to-be head of Germany’s domestic intelligence agency, the Verfassungsschutz, noted in Berlin that attacks originating from state-sponsored or state-affiliated actors abroad are increasingly leveraging AI. He stated that his agency is observing both traditionally crafted attacks and those incorporating AI, acknowledging its expanding influence.
Ralf Wintergerst, president of the Bitkom, Germany’s digital association, commented on the perception among businesses, suggesting that approximately 50% of current attacks are already AI-driven. These attacks are characterized by their programming and structure, enabling rapid and repeated iterations. Wintergerst emphasized that attackers are actively optimizing their methods, creating attack patterns designed for swift repetition and AI serves as a valuable tool in that process.
Businesses are concurrently exploring ways to integrate AI-powered pattern recognition into their defenses. This dual approach-expanding AI capabilities on both the attack and defense fronts-reflects a growing recognition of its strategic importance.
A recently released economic security report, presented by Selen and Wintergerst, indicated a continued rise in cyberattacks against the German economy over the past twelve months. The report increasingly implicates Russia and China as sources of these attacks. A significant 87% of companies report experiencing instances of data theft, IT equipment breaches, digital and analog industrial espionage, or sabotage, a notable increase from 81% a year prior. Furthermore, 10% suspect attacks, mirroring the findings from the previous year.
The total financial damage resulting from these analog and digital assaults has risen by approximately 8% year-on-year, reaching €289.2 billion. This figure encompasses direct costs such as business interruptions, replacements, ransomware demands and legal disputes, alongside revenue losses stemming from lost competitive advantages or intellectual property theft.